Low-cost smartphones have a dangerous side

FORTUNE — Smartphones are expected to see exponential growth in the next four years as new low-cost handsets become available, making so-called feature phones obsolete. That popularity could bring trouble in the form of viruses and malware.

According NPD DisplaySearch low-cost smartphones, defined as models with a selling price of less than $150, are forecast to double every year from 2010 to 2016. This would be an increase from 4.5 million to 311.0 million — opening up possibilities for enterprising cyber criminal.

Naturally, there is already plenty of malware out there already. The Internet Crime Complaint Center (also known as the IC3) noted earlier this month that various malware attacks have increased on Google’s GOOG Android devices; the Loozfon and FinFisher are two of the most serious. Loozfon is an information-stealing piece of malware that can nab contact details from a user’s address book, while FinFisher can remotely control and monitor a device.

The problem is likely only to get worse because those low-cost phones could lack some of the security features that IC3 and other groups recommend. Android has become the most popular operating system for low-cost smartphone designs because it is open source. But this has also potentially opened the door to hackers continuing to look for ways to exploit security holes on mobile platforms.

This past March security researchers at the Black Hat Europe event found that Android was still the mobile platform on which malware has thrived most. While both Apple AAPL and Google both charge app developers a fee to create apps, researchers have argued that the Android fee of just $25 — compared to the $99 for iOS — makes it a low-cost option for hackers as well.

This has hit users in the developing world especially hard as many smartphone owners look to avoid official “paid” apps for unofficial “free” apps, and end up getting malware instead. In July the first instance of iOS App Store malware was detected and subsequently removed, but this “Find and Call” app reportedly installed a Trojan that could steal and upload a user’s address book to remote servers and then send spam to the email addresses and phone numbers, telling them about the app.